Password-less SSH

Since I use SSH a lot, I've gone through the minimal effort required
to setup password-less SSH between the computers on which I have
accounts. Note that you should only keep private keys on computers
that you trust (i.e. computers where you are the only admin).

I don't end up typing these commands very often, so I've created a set
of three simple scripts (ssh-key.sh, ssh-remote.sh, and
ssh-prime.sh), since ssh-<TAB> is easier to remember than the
commands themselves. With the scripts in your path, run:

$ ssh-key.sh

to generate a SSH private/public keypair. Then run:

$ ssh-remote.sh me@remote.edu

to configure your remote.edu account to allow passwordless logins
from your new key. After each login, run:

$ ssh-prime.sh

and enter your passphrase to start the SSH agent, and tell your shell
about the agent with:

$ . /tmp/$(whoami)/.ssh/.ssh-agent-info-$(hostname)

I usually prime the SSH agent right after I log in (before running
screen or startx) to that new terminals come up knowing about
the agent. You can also add something like:

Grabbing a ssh-agent by process ID

If you clobber your ssh-agent environment somehow (or you want to
“borrow” another user's agent to show them the security risks of
running an agent on a computer that they don't own),
ssh-agent-grab.sh will show you how to setup your environment:

mxconns

mxconns is a simple X monitor and proxy that I use to accept
remote X connections when running MPE on my cluster. The
mxconns post has more details if you're interested.

Credits

This sort of thing is the subject of innumerable websites, but due to
the fluid nature of the web, they tend to disappear over time. Thanks
to Ted Dustman (at the University of Utah in 2007) for his post (now
missing). Still available related posts: